The vulnerability of the TFTP-client software for Zyxel GS1900 and XGS1210 series switch devices allows a intruder to execute arbitrary commands.

The vulnerability of the TFTP-client software for Zyxel GS1900 and XGS1210 series switch devices is related to the lack of measures taken to neutralize special elements. Exploiting this vulnerability allows a malicious actor to execute arbitrary OS commands via the graphical interface...

CVE-2021-35031

A vulnerability in the TFTP client of Zyxel GS1900 series firmware, XGS1210 series firmware, and XGS1250 series firmware, which could allow an authenticated LAN user to execute arbitrary OS commands via the GUI of the vulnerable device...

CVE-2021-35031

A vulnerability in the TFTP client of Zyxel GS1900 series firmware, XGS1210 series firmware, and XGS1250 series firmware, which could allow an authenticated LAN user to execute arbitrary OS commands via the GUI of the vulnerable device...

CVE-2021-35031

The CVE-2021-35031 issue affects Zyxel GS1900 series firmware and XGS1210/XGS1250 series firmware, where the TFTP client component does not enforce privilege controls for functions that can run system commands. This enables an authenticated LAN user to execute arbitrary OS commands via the device...